Difference between revisions of "Software ssl certificate issues"

From MEG Core
Jump to navigation Jump to search
Line 12: Line 12:
 
Fedora: Certs go in /etc/pki/ca-trust/source/anchors >> update-ca-trust
 
Fedora: Certs go in /etc/pki/ca-trust/source/anchors >> update-ca-trust
   
==Pip and conda SSL certificates:==
+
==Pip and Conda SSL certificates:==
===Error:===
+
===PIP Error:===
 
Could not fetch URL https://pypi.org/simple/pip/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/pip/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1091)'))) - skipping
 
Could not fetch URL https://pypi.org/simple/pip/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/pip/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1091)'))) - skipping
  +
  +
===Conda Error:===
  +
Collecting package metadata (current_repodata.json): done
  +
Solving environment: done
  +
  +
CondaHTTPError: HTTP 000 CONNECTION FAILED for url <https://repo.anaconda.com/pkgs/main/linux-64/current_repodata.json>
  +
Elapsed: -
  +
  +
An HTTP error occurred when trying to retrieve this URL.
  +
HTTP errors are often intermittent, and a simple retry will get you on your way.
  +
  +
If your current network has https://www.anaconda.com blocked, please file
  +
a support request with your network engineering team.
  +
  +
'https://repo.anaconda.com/pkgs/main/linux-64'
  +
   
 
===Answer:===
 
===Answer:===

Revision as of 12:09, 14 June 2022

Browser Issue:

CERT issue.jpg


Install certificate in settings > Privacy and Security > Certificates > View Certificates > Import (Authorities tab)
CERT firefox install loc.png


SystemWide certificates:

 UBUNTU:  https://ubuntu.com/server/docs/security-trust-store
 Fedora:  Certs go in /etc/pki/ca-trust/source/anchors  >> update-ca-trust

Pip and Conda SSL certificates:

PIP Error:

 Could not fetch URL https://pypi.org/simple/pip/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/pip/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1091)'))) - skipping

Conda Error:

 Collecting package metadata (current_repodata.json): done
 Solving environment: done
 
 CondaHTTPError: HTTP 000 CONNECTION FAILED for url <https://repo.anaconda.com/pkgs/main/linux-64/current_repodata.json>
 Elapsed: -
 
 An HTTP error occurred when trying to retrieve this URL.
 HTTP errors are often intermittent, and a simple retry will get you on your way.
 
 If your current network has https://www.anaconda.com blocked, please file
 a support request with your network engineering team.
 
 'https://repo.anaconda.com/pkgs/main/linux-64'


Answer:

https://stackoverflow.com/questions/39356413/how-to-add-a-custom-ca-root-certificate-to-the-ca-store-used-by-pip-in-windows

 #From the Website above
 pip config set global.cert path/to/ca-bundle.crt
 pip config list
 conda config --set ssl_verify path/to/ca-bundle.crt
 conda config --show ssl_verify
 
 # Bonus while we are here...
 git config --global http.sslVerify true
 git config --global http.sslCAInfo path/to/ca-bundle.crt


Single use:

 pip --cert ${certificate path} pip_command